top 10 vulnerabilty scanners assessment tools

Insecure.org has the vulnerability scanner top 10 list for helping users choose a vulnerability scanner that would suit their strategy and requirements. Let us look into each of these scanners.

[adsense size='1']
#1. Nessus : Premier UNIX vulnerability assessment tool

Nessus was a popular free and open source vulnerability scanner until they closed the source code in 2005 and removed the free “registered feed” version in 2008. A limited “Home Feed” is still available, though it is only licensed for home network use. Some people avoid paying by violating the “Home Feed” license, or by avoiding feeds entirely and using just the plugins included with each release. But for most users, the cost has increased from free to $1200/year. Despite this, Nessus is still the best UNIX vulnerability scanner available and among the best to run on Windows. Nessus is constantly updated, with more than 20,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones.
Source: Insecure.org

• Operating Systems: Windows, Mac OS X, OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
• Price: Paid
• Interface: GUI based tool

Though Nessus is a paid tool, Tenable Network Security has done its best in keeping its quality at great standards. The tool goes through severe testing before released and has not been observed in any shame list or done stuff that it was not intended to do. Even though this sounds simple, it isn’t. It is quite a job to maintain a stable product at top of the line. Hence, our 3-cheers to Nessus. The following is the sample Nessus Scanner[Source: Tenable Security]

#2. GFI LANguard : A commercial network security scanner for Windows

GFI LANguard scans IP networks to detect what machines are running. Then it tries to discern the host OS and what applications are running. I also tries to collect Windows machine’s service pack level, missing security patches, wireless access points, USB devices, open shares, open ports, services/applications active on the computer, key registry entries, weak passwords, users and groups, and more. Scan results are saved to an HTML report, which can be customized/queried. It also includes a patch manager which detects and installs missing patches. A free trial version is available, though it only works for up to 30 days.
Source: Insecure.org

• Operating Systems: Windows
• Price: Paid
• Interface: GUI based tool

Though GFI LANguard is a paid tool, it has one of the best interfaces that a scanner could possibly have. It is not the GUI alone, but more of the the details that they cover. The following are snapshots of GFI LANguard images[Source: GFI]:

Next in line is Retina, a commercial vulnerability scanner. Retina is a great vulnerability scanner used by many pentesters around the world.

[adsense size='1']
#3. RetinaVulnerability Management and Assessment: Commercial vulnerability assessment scanner by eEye

Like Nessus, Retina’s function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research.
Source: Insecure.org

• Operating Systems: Windows
• Price: Paid
• Interface: GUI based tool

The following is the Scan dashboard of Retina [Source: eEye]:

Following the retina scanner is the Core Impact vulnerability scanner.
#4. Core Impact : An automated, comprehensive penetration testing product

Core Impact isn’t cheap (be prepared to spend tens of thousands of dollars), but it is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. If you can’t afford Impact, take a look at the cheaper Canvas or the excellent and free Metasploit Framework. Your best bet is to use all three.
Source: Insecure.org

• Operating Systems: Windows
• Price: Paid
• Interface: GUI based tool

Core Impact is a great tool for advanced vulnerability scanning. The following is a snapshot of course impact [Source: Forum]:

Core impact is really advanced tool from Core security, who also provide enough training for their tools and other things related to pentesting. Following core impact is the ISS Internet Security vulnerability scanner from the Internet Security Systems, which is now part of IBM.
#5. ISS Internet Scanner : Application-level vulnerability assessment

Internet Scanner started off in ’92 as a tiny open source scanner by Christopher Klaus. Now he has grown ISS into a billion-dollar company with a myriad of security products.
Source: Insecure.org

• Operating Systems: Windows
• Price: Paid
• Interface: GUI based tool

The following is a snapshot of ISS Security Scanner [Source: computec]

X-scan is a vulnerability scanner that is as described below:
#6. X-scan : A general scanner for scanning network vulnerabilities

A multi-threaded, plug-in-supported vulnerability scanner. X-Scan includes many features, including full NASL support, detecting service types, remote OS type/version detection, weak user/password pairs, and more. You may be able to find newer versions available here if you can deal with most of the page being written in Chinese.
Source: Insecure.org

• Operating Systems: Windows
• Price: FREEWARE
• Interface: GUI based tool

The following is a snapshot of X-scan Vulnerability Scanner [Source: Tuts]

Following the X-scan vulnerability scanning tool, is the Security Auditor’s Research Assistant[SARA] tool. Though this tool works in several Operating Systems(OS), this tool is no more under development or research. Unfortunately, this tool has come to an end. The following is copied and pasted from SARA’s official website:

[adsense size='1']
The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that that has been available and actively updated for over 10 years. Sadly, all good things have to come to an end and so it goes for SARA. SARA 7.9.1 is our last release.
The following is from the list of top 10 vulnerability scanners:
#7. Sara : Security Auditor’s Research Assistant

SARA is a vulnerability assessment tool derived from the infamous (at least in 1995) SATAN scanner. They ceased development after releasing version 7.9.1 in June 2009.
Source: Insecure.org

• Operating Systems: Windows, Mac OS X, OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
• Price: FREEWARE
• Interface: GUI based tool, Command-line
• Open-Source Tool

The following is a snapshot of SARA Vulnerability Scanner [Source: www-Arc.com]

QualysGuard from Qualys, is a web based vulnerability scanner. Following SARA is our QualysGuard scanner:
#8. QualysGuard : A web-based vulnerability scanner

Delivered as a service over the Web, QualysGuard eliminates the burden of deploying, maintaining, and updating vulnerability management software or implementing ad-hoc security applications. Clients securely access QualysGuard through an easy-to-use Web interface. QualysGuard features 5,000+ unique vulnerability checks, an Inference-based scanning engine, and automated daily updates to the QualysGuard vulnerability KnowledgeBase.
Source: Insecure.org

• Price: Paid
• Interface: GUI based tool

The following is copied and pasted from official Qualys website:
Qualys’ on demand approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively, while reducing costs and streamlining operations. Using an innovative Software as a Service (SaaS) approach, the QualysGuard® Security and Compliance Suite combines Qualys’ industry leading vulnerability management service with a comprehensive IT compliance solution.
The following is the screenshot of QualysGuard[Source: Qualys website]:

Following QualysGuard is a great vulnerability scanner, SAINT.
#9. SAINT : Security Administrator’s Integrated Network Tool

SAINT is another commercial vulnerability assessment tool (like Nessus, ISS Internet Scanner, or Retina). It runs on UNIX and used to be free and open source, but is now a commercial product.
Source: Insecure.org

• Operating Systems: Linux, Mac OS X, OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
• Price: Paid
• Interface: GUI based tool
• Open-Source Tool

SAINT offers 3 ways of vulnerability scanning[Source: SAINT]:

• SAINT® downloadable software – Scan single hosts or all addresses on a network for the latest vulnerabilities.
• SAINTbox™ appliance – Powered by SAINT software, this plug and play appliance provides network vulnerability scanning and penetration testing on Class B and Class C networks as well as an assessment of individual network devices.
• WebSAINT® online scanner – This Internet-based CVE-compatible certified scanner lets you evaluate the security environment of a single computer, multiple computers, or an entire network.

The following is a snapshot of SAINT Vulnerability Scanner[Source: HelpNet Security]:

The final vulnerability scanner is our Microsoft Baseline Security Analyzer[MBSA].

[adsense size='2']
#10. MBSA : Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently MBSA on average scans over 3 million computers each week.
Source: Insecure.org

• Operating Systems: Windows
• Price: Freeware
• Interface: GUI based tool

Microsoft’s MBSA website describes the tools as:

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.

The following is a snapshot of MBSA [Source: TaoSecurity]:

Though this list is from 2006, this is more or less the current top 10 vulnerability scanners. The ordering between them might have changed. That is, one might have gone up or one might have gone down, though they would still be in the top 10 listing. We wanted to ensure that all our readers know about the vulnerability scanners currently in existence. We hope that you have enjoyed reading our blog post on vulnerability scanners.

Comments are closed.